rdiff-backup-bugs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Rdiff-backup-bugs] [bug #16897] Security Violation on first increment w

From: dean gaudet
Subject: [Rdiff-backup-bugs] [bug #16897] Security Violation on first increment while using restrict-update-only
Date: Thu, 10 Jan 2008 06:47:01 +0000
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11 
Follow-up Comment #4, bug #16897 (project rdiff-backup):

i'm of very mixed opinion.

if you use a single key restricted to:

rdiff-backup --server --restrict-update-only /mnt/backups/ 

then *any* of the boxes which have that key can do whatever they want to any
of /mnt/backups/subdirs... i.e. they could erase some other server's backup.

personally i think this is a configuration not worth supporting -- it's not
secure.

the only configuration which works is to give a dedicated key to each of the
servers pushing a backup.

-dean

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?16897>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]